
What are you guys using for firewalls at home?

Discussion in 'General Linux' started by Rob, Apr 24, 2017.

  1. Rob

    Rob Administrator
    Staff Member

    Joined:
    Oct 27, 2011
    Messages:
    166
    Likes Received:
    448
    I've been using Untangle on a Dell R210 for the past few years - it's based on Debian and has been pretty solid. I've been thinking of switching to pfSense though to see what the differences are.


     
    blackneos940 likes this.
  2. ryanvade

    ryanvade Moderator
    Staff Member

    Joined:
    Apr 24, 2017
    Messages:
    28
    Likes Received:
    23
    I've been using the default firewall in RouterOS on my MikroTik RouterBOARD.
     
  3. Steve

    Steve New Member

    Joined:
    Apr 25, 2017
    Messages:
    12
    Likes Received:
    17
    Currently just using the firewall that is in my router, but will be moving and will take the opportunity to switch to a pfSense firewall.
     
    ryanvade likes this.
  4. KarlLinux

    KarlLinux New Member

    Joined:
    May 2, 2017
    Messages:
    17
    Likes Received:
    5
    I too am interested in setting up a home firewall. I am considering pfSense and Untangle. Been watching YouTube videos on both. Untangle seems to be easier to use with few advanced options. I will try Untangle first, seeing as though you have had no problems with it. I plan to put it onto a cheap low-powered PC I can get my hands on and see how it goes.
     
  5. lethargos

    lethargos New Member

    Joined:
    May 8, 2017
    Messages:
    2
    Likes Received:
    0
    I'm using csf/lfd. But I'd have liked something even more customizable, such as automatically banning any IPs from which root ssh logins are attempted. But I like the fact that it's on top of iptables.
     
  6. Rob

    Rob Administrator
    Staff Member

    Joined:
    Oct 27, 2011
    Messages:
    166
    Likes Received:
    448
    csf/lfd bans failed login attempts as long as it's x times within x seconds. You can tweak it in your csf.conf. I think by default, it's 5 times within 300 seconds.
     
  7. lethargos

    lethargos New Member

    Joined:
    May 8, 2017
    Messages:
    2
    Likes Received:
    0
    I know and I've already tinkered with that. But the user one tries to log in with is not a criterion for lfd, at least not by default. What I'd have liked was an immediate ban for anyone trying to log in with the root user. Some time ago someone suggested adding some perl code in order to match 'root', etc. Rather difficult - I'm still not sure if I'll ever learn perl, but maybe I'll try. Now I'm struggling with awk :)
     
  8. Rob

    Rob Administrator
    Staff Member

    Joined:
    Oct 27, 2011
    Messages:
    166
    Likes Received:
    448
    You could set up a script to keep an eye on lastb (type lastb, it'll show you failed logins) for the root user and ban the top 10 (or 20, etc.) in csf.

    First step, find the top 10 offenders:
    Code:
    lastb | awk '$1 == "root" {print $3}' | sort | uniq -c | sort -n | awk '{print $2}' | tail -n 10
    Then, ban them w/ csf like:
    Code:
    for m in $(lastb | awk '$1 == "root" {print $3}' | sort | uniq -c | sort -n | awk '{print $2}' | tail -n 10); do csf -d "$m"; done
    Put it in a script in /usr/local/bin/ or something and call it from cron daily.

    Note: to see the staggering amount of people trying to log in as root and showing their attempt count, type this:
    Code:
    lastb | awk '$1 == "root" {print $3}' | sort | uniq -c | sort -n
    Rob
     
    JasKinasis likes this.
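
Added example, not part of Rob's post or of csf itself: the same lastb-to-csf idea with an exact match on the root user, a minimum attempt count, and an allowlist so a mistyped password from your own address does not lock you out. THRESHOLD, ALLOWLIST and the sample lastb lines are assumptions constructed for illustration; it handles IPv4 only and prints the csf commands rather than running them.

```sh
#!/bin/sh
# Added example (not from the thread). THRESHOLD, ALLOWLIST and the sample
# data are assumptions; IPv4 only.
THRESHOLD=2                        # minimum failed root logins before a ban
ALLOWLIST="192.0.2.10 127.0.0.1"   # addresses that must never be banned

# Constructed sample in lastb's column layout: user, tty, host, time.
sample_lastb() {
cat <<'EOF'
root     ssh:notty    198.51.100.23    Mon May  8 10:03 - 10:03  (00:00)
root     ssh:notty    198.51.100.23    Mon May  8 10:02 - 10:02  (00:00)
root     ssh:notty    198.51.100.23    Mon May  8 10:01 - 10:01  (00:00)
rootkit  ssh:notty    198.51.100.99    Mon May  8 09:41 - 09:41  (00:00)
rootkit  ssh:notty    198.51.100.99    Mon May  8 09:40 - 09:40  (00:00)
root     ssh:notty    192.0.2.10       Mon May  8 09:31 - 09:31  (00:00)
root     ssh:notty    192.0.2.10       Mon May  8 09:30 - 09:30  (00:00)
root     ssh:notty    203.0.113.7      Mon May  8 09:21 - 09:21  (00:00)
root     ssh:notty    203.0.113.7      Mon May  8 09:20 - 09:20  (00:00)
root     ssh:notty    203.0.113.50     Mon May  8 09:10 - 09:10  (00:00)

btmp begins Mon May  1 00:00:01 2017
EOF
}

# stdin: lastb output. stdout: "count ip" per offender, highest count first.
root_offenders() {
  awk -v min="$THRESHOLD" -v allow="$ALLOWLIST" '
    BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) skip[a[i]] = 1 }
    # Exact user match, dotted-quad host only, never an allowlisted address.
    $1 == "root" && $3 ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ && !($3 in skip) { hits[$3]++ }
    END { for (ip in hits) if (hits[ip] >= min) print hits[ip], ip }
  ' | sort -k1,1nr -k2,2
}

# Dry run: print the csf commands for review instead of executing them.
ban_commands() {
  root_offenders | while read -r count ip; do
    printf 'csf -d %s "failed root logins: %s"\n' "$ip" "$count"
  done
}

# Live use would be: lastb -i | ban_commands
sample_lastb | ban_commands
```

In the sample, the "rootkit" user and the allowlisted 192.0.2.10 are both skipped, which the original `grep root` pipeline would not do.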
  9. ryanvade

    ryanvade Moderator
    Staff Member

    Joined:
    Apr 24, 2017
    Messages:
    28
    Likes Received:
    23
    Isn't there an automated service that will do that for you Rob?
     
  10. Rob

    Rob Administrator
    Staff Member

    Joined:
    Oct 27, 2011
    Messages:
    166
    Likes Received:
    448
    Well, you can tweak the csf settings on failed logins, but if you want to single out root logins this could be a way to get it done..
     
  11. blackneos940

    blackneos940 Member

    Joined:
    May 16, 2017
    Messages:
    55
    Likes Received:
    12
    Windows 95..... :3
     
